How to Find Available CIFS Shares on a Known File Server

Determine the server that you want to query about available shares.

If you are not familiar with the CIFS file servers available in your domain, contact your system administrator. You might be able to use Network Neighborhood on Windows systems or the GNOME file browser to browse for available CIFS shares.

List the available CIFS shares on a server.

$ smbutil view [-A | -U user] //[domain;][user[:password]@]server

//[domain;][user[:password]@]server is a resource name. user is the user name with which you connect to the CIFS server, server. You can optionally specify the domain name and the password of the user that you specified on the command line.

The -A option enables you to view shares anonymously, and you are not prompted for a password. The -Uuser option indicates the user with which to authenticate on the specified server.

When prompted, enter the password for the user that you specified on the CIFS server.

If you specified the -A option to view shares anonymously, you are not prompted for a password.

If you did not specify a user, enter the password associated with your user name.

View the list of available CIFS shares.

The smbutil view output shows the name of the share, its type, and an optional text description of the share.

Most shares have a type of disk because the shares are files and directories. The other share types are as follows:

IPC– Represents an interprocess communication (IPC) device, such as a pipe or a mailslot

printer– Represents a printer queue

device– Represents a communications device

For example, the following command shows how to view the shares on the solarsystem server:

The following command enables you to anonymously view the shares on the solarsystem server:

$ smbutil view -A //solarsystem

How to Mount a CIFS Share on a Directory You Own

Note –

If you own the directory on which you want to mount a share, you can perform the mount operation yourself. If you do not own the directory, you must perform the mount operation as the owner of the directory or as superuser.

For example, to mount the /tmp share from the solarsystem server on the /mnt mount point, type:

$ mount -F smbfs //solarsystem/tmp /mnt

How to View the List of Mounted CIFS Shares

This procedure shows how to list all of the CIFS shares that are mounted on your system. The resulting list includes your mounts, other users' mounts, and multiuser mounts created by the system administrator.

Unmount the share by specifying the name of the mount point, /mnt or /files in the previous step.

For example:

$ umount /mnt

How to Store a CIFS Persistent Password

Interactions with a CIFS file server require authentication. For instance, when you view the shares available on a server or you try to mount a share on your system, the transaction is authenticated.

Note –

A persistent password is not needed when Kerberos is configured on the client and server and you have a Kerberos ticket-granting ticket (TGT). In such configurations, you can view and mount shares without specifying a password.

You can supply the password each time that you make a connection to the server, or you can store a persistent password to be automatically used for these transactions.

Note –

You can store a persistent password for each user on the CIFS server that you use to access shares.

The password you store persists until any of the following occur:

The CIFS client is rebooted.

The smbutil logout command is run for the user.

The smbutil logoutall command is run by superuser.

Store the persistent password for the CIFS server.

$ smbutil login user
Password:

The following command stores the persistent password for terry@solarsystem. Each time Terry performs a transaction with solarsystem, the persistent password is used to perform the authentication.

$ smbutil login terry@solarsystem
Password:

How to Configure the PAM Module to Store a CIFS Persistent Password

When installed, the pam_smbfs_login.so.1 module enables you to store a persistent password the same as if you had run the smbutil login command for PAM_USER in the user's or system's default domain.

This optional functionality is meant to be used only in environments that do not run Active Directory or Kerberos, but which synchronize passwords between Solaris clients and their CIFS/SMB servers.

Add the following line to the /etc/pam.conf file after the other login entries:

login auth optional pam_smbfs_login.so.1

This action adds a persistent password entry as if you had run the smbutil login command.

Note –

The PAM module implements a privilege to permit it to run as superuser to store your password.

Verify that your persistent password is stored.

$ smbutil login -c user

Example 4–1 Configuring the PAM Module to Store a Persistent Password

The following example shows how the domain is chosen. The system default is WORKGROUP. The WORKGROUP domain is overridden by any default from SMF, and finally by any default from the user's .nsmbrc file.

If Terry puts a password in ~terry/.nsmbrc, he must remove read permission. Also, because Terry's home directory is on an NFS server, the PAM module running as root cannot access Terry's file, so Terry would see the following and use the SMF domain instead:

This example shows how user terry can configure the example.com environment by placing this .nsmbrc configuration file in his home directory.

The default section describes the default domain, which is called SALES, and sets a default user of MYUSER. These default settings are inherited by other sections unless property values are overridden.

FSERVER is a server section that defines a server called fserv.example.com. It is part of the SALES domain.

RSERVER is a server section that defines a server called rserv.example.com that belongs to a new domain called REMGROUP.

# Configuration file for example.com
# Specify the Windows account name to use everywhere.
[default]
domain=SALES
user=MYUSER
# The 'FSERVER' is server in our domain.
[FSERVER]
addr=fserv.example.com
# The 'RSERVER' is a server in another domain.
[RSERVER]
domain=REMGROUP
addr=rserv.example.com